Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(terraform): Accept TLS 1.3 for Azure web apps and web app slots #6956

Open
wants to merge 6 commits into
base: main
Choose a base branch
from
Open

fix(terraform): Accept TLS 1.3 for Azure web apps and web app slots #6956

wants to merge 6 commits into from

Conversation

lestermarch
Copy link

@lestermarch lestermarch commented Jan 17, 2025
edited by baz-reviewer bot
Loading

User description

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

Description

  • Update CKV_AZURE_15 (Minimum TLS version for App Services and Function Apps) to permit 1.3 as a value for site_config.minimum_tls_version in addition to the existing check for 1.2.
  • Update CKV_AZURE_154 (Minimum TLS version for App Service Slots) to permit 1.3 as a value for site_config.minimum_tls_version in addition to the existing check for 1.2.
  • Update unit tests for both of the above.

Fix

Fixes #6954

Checklist:

  • I have performed a self-review of my own code
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation
  • I have added tests that prove my feature, policy, or fix is effective and works
  • New and existing tests pass locally with my changes

Generated description

Below is a concise technical summary of the changes proposed in this PR:

Updates the AppServiceMinTLSVersion and AppServiceSlotMinTLS checks to accept TLS 1.3 as a valid minimum TLS version for Azure web apps and web app slots. Modifies the check names to reflect the new acceptance criteria and updates the corresponding unit tests to validate the changes.

TopicDetails
Test Updates Updates unit tests and examples to cover the new TLS 1.3 acceptance
Modified files (4)
  • tests/terraform/checks/resource/azure/example_AppServiceMinTLSVersion/main.tf
  • tests/terraform/checks/resource/azure/example_AppServiceSlotMinTLS/main.tf
  • tests/terraform/checks/resource/azure/test_AppServiceSlotMinTLSVersion.py
  • tests/terraform/checks/resource/azure/test_AppServiceMinTLSVersion.py
Latest Contributors(2)
UserCommitDate
rotemavnifix-terraform-Allow-di...February 09, 2023
JamesWoolfendenfeat-terraform-new-azu...December 28, 2022
TLS Version Update Updates the minimum TLS version checks to accept 1.3 for Azure web apps and slots
Modified files (2)
  • checkov/terraform/checks/resource/azure/AppServiceMinTLSVersion.py
  • checkov/terraform/checks/resource/azure/AppServiceSlotMinTLS.py
Latest Contributors(2)
UserCommitDate
JamesWoolfendenfix-terraform-app_serv...November 13, 2022
YaaraVernerAdd-evaluated-keys-for...September 26, 2021
This pull request is reviewed by Baz. Join @lestermarch and the rest of your team on (Baz).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

CKV_AZURE_15 - Allow TLS 1.3
1 participant
@lestermarch